About this Show

Capital News Today

News/Business. News.

NETWORK

DURATION
03:00:00

RATING

SCANNED IN
San Francisco, CA, USA

SOURCE
Comcast Cable

TUNER
Channel 91 (627 MHz)

VIDEO CODEC
mpeg2video

AUDIO CODEC
ac3

PIXEL WIDTH
704

PIXEL HEIGHT
480

TOPIC FREQUENCY

U.s. 34, Us 19, Syria 18, Israel 14, Egypt 13, Estonia 12, China 11, Iran 10, Iraq 8, United States 7, U.n. 6, Dennis 5, Nato 5, Washington 5, America 5, Cyberspace 5, Obama Administration 4, Canada 4, Mr. Carney 4, Russia 4,
Borrow a DVD
of this show
  CSPAN    Capital News Today    News/Business. News.  

    November 8, 2012
    11:00 - 1:59am EST  

11:00pm
officials for government. and adhere to the sensible party exercising and leadership and attract outstanding individuals for the cause of the party and country. promoting common community in an innovative way and consolidate the organizational [inaudible] and preserve the political character of integrity. communist, marxism, and socialism is sustained in all contexts. we should give high priority to developing the party's theory, which is essential for the shared socialism with chinese
11:01pm
characteristics and we intensify the education which is at the core of party building. we should conduct and make the members and officials develop a firm and correct attitude towards power and career. we should raise moral standards and the foundation for party building. we should encourage party members and officials to become role models. serving the people is the fundamental purpose of the party. putting people first and exercising governance for the people is the ultimate yardstick for judging all the party's performance in this regard.
11:02pm
at all times, we must put the people's interests above everything else. we should carry out intensive activities throughout the party to study its [inaudible] with a focus on the need to serve the people and to be down to earth, honest, and write and conduct. we should solve key concerns to the people and raise our ability to give people related work well under these conditions. we should support people's organizations and linking the
11:03pm
party and government with the people. voicing public concerns on protecting people's legitimate rights and interests. interparty democracy should be adhered to interparty democracy and promote people's democracy with interparty democracy. we should uphold the principle position of party members to better protect their democratic rights and assure that party members have the right to participate in and oversee party affairs, as well as the right to vote. we should improve the system of party congresses and raise the proportion of delegates from workers [inaudible]
11:04pm
and include the procedures of the standing committees. to uphold and build socialism with chinese characteristics. political conviction, confidence, and we should adhere to the principle as the party supervising the performance and without regard to the origin, select officials on the basis of both moral integrity and professional competence with priority given to the former and promote officials for outstanding performance. we should encourage our performance in all fields so they will come in large numbers and we should capture their best years. we should make the management
11:05pm
promoted [inaudible] and we should improve training of the officials to make greater efforts to train officials and encourage young officials to work in getting experiences in local communities in hard areas. advancing the cause of the party and people. we should train competent personnel as a priority and turned china from a country with large human resources into one of competent professionals to form and internationally competitive system that is capable of aspiring to creativity.
11:06pm
and playing a key role in rallying and leading the people in implementing and implementing the system of party building. intense development, serving the people in public support and promoting harmony. improving education and management of party members and encouraging them to be vanguards and role models and improve better qualified people into the party and give high priority for young workers and intellectuals to improve the composition of party membership. combating corruption and promoting political integrity, which is a major political
11:07pm
issue. a great concern to the people, it is a clear-cut and long-term political commitment of the party. [inaudible] we must -- [inaudible] [applause] >> translator: we should promote integrity. we should persist in combating corruption and in an integrated way, adjusting both the root causes and the punishment and prevention and emphasis on the latter. advancing the establishment of combating corruption and
11:08pm
political integrity is upheld. we should combat corruption and promote clean government and improve the culture of clean government. we should improve the crucial links and anticorruption laws and prevent and fight corruption in a more scientific way. we should rigorously implement a system of accountability and upholding integrity. we should conduct thorough investigations and work hard to resolve the problems of corruption that directly affect the people. whoever they are and whatever power and official positions they have must be brought to justice. centralized leadership is the source and the strength and the
11:09pm
fundamental guarantee for china's economic and social development. ethnic unity and progress during peace and stability. especially principle leading officials must abide by the party constitutions, as well as organization of principles and guidelines and guiding principles in political activity and no one allowed is to place oneself above the organization. it must resolutely uphold and maintain a high degree of unity theoretically and politically and with action. enforcing party discipline. advancing unison as great force.
11:10pm
[speaking in native tongue] >> translator: on the new journey forward we must be convicted and make more determined efforts to accommodate advancing modernization. upholding world peace and promoting common development. [speaking in native tongue] >> translator: living up to their expectation of us under new historical conditions to help a potential dangers and to remain clearheaded.
11:11pm
we must be innovative in our thinking and maintaining energy. we must always put people above. we must work hard and preserve the integrity. these characteristics hold great promise for the future and a success intends is contingent of young people, the whole party should care about our young people and learn about what they have in mind and encourage their growth and support them. young people should respond to the parties outlook on life and
11:12pm
sense of values and always cherish our country and our great nation. [speaking in native tongue] let the youthful vigor shine with radiant vibrance. [applause] [speaking in native tongue] >> translator: the success of chinese characteristics cannot be achieved without a concerted effort of the chinese nation. our common course depends on unity. all party members must ensure unity and must pursue the unity
11:13pm
of the whole party and the unity of all ethnic groups in china including promoting great unity of the peoples of other countries. we should complete a moderately prosperous society to win a new victory for socialism and make strong efforts create an even brighter future for the chinese people and nation. [applause] [applause]
11:14pm
>> tonight on c-span2, the american section of international law to miami beach fountain bleu hotel. >> there is a mandate in yesterday's result. it is a way for us to find a way to work together in the solutions and the challenges that we all face as a nation. my message today someone of is not one of confrontation. but it is one of conviction. it creates a series of tremendous challenges and great opportunities. american people want us to work together. republicans want us to work together.
11:15pm
we want a balanced approach to everything, but especially the situation that we have with the huge deficit and taxes that are part of that. >> the newly elected congress or its work in january. the current congress has work to do through the end of the year in what is referred to as a lame-duck session. work includes the expiration of the bush era tax cuts, the deficit, and raising the debt ceiling and how much. and possible cuts to domestic and military spending. follow all the floor debates with white white house and live coverage on c-span2. >> live starting at 9:00 a.m. eastern on c-span2. on c-span3, examination of the 2012 election. political examination includes voter turnout and changing
11:16pm
demographics. that is live from the bipartisan policy center at 9:00 a.m. eastern on c-span3. >> are you trying to get up without anyone knowing? >> [inaudible] >> that is ridiculous. >> it is really crazy right now. at some point he could have invested too much narcotic and he will suffer. >> we ended up following him after this plane ride to the fed and -- [inaudible]
11:17pm
through this program he actually was able to walk out on his own 2 feet. so i really commend the military for choosing and allowing us to tell the story, both the good and the bad. but for recognizing this problem and that there is this problem of overmedication and they are looking for ideas of how to fix it. that is the whole feature of the film. the metaphor of fire and the status quo is not working. >> more with matthew heinemann, the producer and director of escape fire. sunday night at 8:00 p.m. on c-span's "q&a."
11:18pm
>> next come a discussion on the effect of cyberattacks on the government and the private sector. this is 90 minutes. >> good morning. greetings. welcome attendees and c-span viewers who program entitled cyberterrorism and cybersecurity and war, fighting in a virtual world. this program is being presented in miami beach. it is comprised of 23,000 lawyers from over 90 countries and organizes and conducts events year-round to educate the bar and promote the rule of law. this program is sponsored by the national security committee. my name is john harrington environment private practice in new york city and in connecticut and i am the cochair of the national security committee. i would like to recognize our
11:19pm
cosponsor an committee, the aerospace and defense industry committee and william black, my cochair for this presentation. it stretches back a full year when the national security committee proposed a program, which we tried to divine which program would have currency. we were fortunate to have leon panetta last week make a very widely broadcasted speech on the subject of cybersecurity and cyberwarfare. accordingly, the subject matter has been in news. he outlined his deep concerns about computer networks that support our military, infrastructure and business networks. mr. leon panetta elaborated on
11:20pm
many things and that includes the high-profile attacks, including the alleged russian denial of service attack entering into georgia, the disruptions in estonia and the iranian nuclear centrifuges. there are dozens of thwarted attacks on other infrastructure occurring on an almost daily basis. the sector of devastating utility concern all of us. and it presents legal issues we should be aware of as we advise our clients. we have four highly qualified speakers here today who are going to discuss these issues. starting with elizabeth preston, who is the managing partner at
11:21pm
the national canadian law firm. for the past 26 years, she has worked in emergency response, national security, and counterterrorism. either as an executive or in-house counsel and now outside counsel. part of it is 911 responders and public policy and is nearly through her phd. she is the vice chair of the aba committee on aerospace and defense industries. and we also have mark nackman, and assistant general counsel and a general dynamic person who helps companies with their cybersecurity needs. he served as a judge in the air force and is cochair of the aerospace and defense industry committee. next we have david bodenheimer.
11:22pm
he is sitting next to elisabeth preston. he is a partner in government contract office where he heads up the homeland security project. he is cochair of the public contract law section cybersecurity committee and division chair of the science and technology section security and privacy in information law provision. closest to me we have jason chipman. he was the department of justice to deputy attorney general counsel. prior to that reserve and national security division at doj were his work focused on cyberoperations and national security council issues.
11:23pm
i would like to start this discussion by asking elisabeth preston to come and give her remarks. thank you very much. >> good morning. my role will be to provide a little bit of context. i am going to talk a little bit about terminology to make sure that we are on the same page about the terminology and i will give you a bit of a chronology for the types of events that we have seen over the past 10, 12, 14 years -- something like that -- to give you some context. my colleagues, when we discuss the application of law and the sorts of context, we can work with any context we are using. this is a really interesting topic. it is not only topical, but it is on the minds of the most
11:24pm
important government officials including at the highest level and so on. but what if you're just a few comments that have been made recently. governments have new organizations. they are not just the covert operations, but it is certainly something that, you know, has been given very significant
11:25pm
emphasis. for example, in 2010, the pentagon set up this u.s. cybercommand and the eu has a similar organization. the uk has the same thing. they have a cybersecurity operations center and this is the british equivalent in this area. let's just go through some of the terminology. i wanted to make sure that we have some particular knowledge about things. as i go through these special events, the backdoor is an overlooked entry into a network.
11:26pm
it allows a hacker or someone were someone who was not authorized to be in there to get in with a password -- without a password. this is where you have a program that becomes a robot of the person on the outside. cookies are a friend when we are trying to order something. i'm going to give you some examples as we go. now where is malicious software.
11:27pm
malware can be a virus 40 warm. we also have the concept where did these e-mails that are alluring you to respond. you might even respond to such a little ad. spearfishing is trying to get you to respond and it is that is the concept that it is targeted at you.
11:28pm
because you have access to something that they want to get into. obviously, government employees might be spearfish to try to get on to their computer authorization. moving is where an address or a site or an e-mail appears to be from someone you know and it's not. whole websites can be spoofed. if you are here, you are at a conference and you go to log into your e-mail, and you can't remember exactly how i get on to my e-mail and you google up rogers and login -- be very careful that it is the correct yahoo! login. they are killing. they can also use it to phish,
11:29pm
which is another way to get hacked. there is a program that gets into your computer that allows surveillance of what you are doing. usually it installs something that extracts information from your computer. a trojan horse is where you have a legitimate thing you're trying to access and when you access it, it enters into your computer where your system will -- then it deletes things or replicate itself and configures your computer to become useful to get. a trojan horse is horses just like the mythology. it is something that once inside, many things can come out of it and become white violence.
11:30pm
.. vendors that network completely and affect his. it often times concerns huge amounts of bandwidth and system resources. often times it is to shed an entire network down. worms are interesting because they are designed to work with
11:31pm
systems already at work within your own networks. so it uses networks to create the power it needs to destroy things within it. a zombie, my favorite word, very interesting concept but airy obvious what it means is you have a network, it's been in fact did, the various computers on that, workstations become zombies, meaning they are just mindlessly doing what is told by the bot within the system, the control system that has been implanted. so let's talk about some of these. first off, i'm going to say american attack. i am canadian and i put references for all of this. i'm not implying it was americans that did did this. i don't have first knowledge of who did what or anything like
11:32pm
that. at least any references for each of these, you know, how the media has basically determined who's responsible for what. the 1991, a long time ago. this is an example of cyberwarfare and that's where in the war on iraq the u.s. and its allies did use the internet to try to demoralize the other side. it is different than a cyberattack we are talking about, but its use of the internet and warfare. we have what is called moonlight maze. i should say, all of materials are available on the aba website and afterwards if anybody wants to more quickly give me a business card and you cannot walk the references here. the moonlight maze. this is where hackers sent unclassified information, things like maps and that's what it means.
11:33pm
1300 cyberattacks on the u.s. air force, u.s. army, u.s. navy. 700 of them considered to be serious. there were 100 cases into 1200 government systems in the u.s. again, this is a long time ago. this one is called mountain view. this one has been attributed to al qaeda. this is very high telecommunications switches in these various countries, saudi arabia, indonesia and pakistan. access granted emergency telephone system's midnight states and transmission from a water and distribution powerpoint facilities. these are the sorts of targets terrorists will have in the cyberworld obviously looking of access to shut down or gain information about those areas.
11:34pm
so you know, it's interesting that jan, 2001 and this precedes the september 11 attack. titan lane. i should say one more thing to my colleagues are going to talk about this. even forget the media, but generally if we're investigating these things come attribution is a real problem. it may look like something comes from china. it may look like some incomes from will say canada, but it may not. it's again part of the spoofing, part of the ability to make it look like one thing and really be something else. this was again purportedly from china and was looking for military data in the u.s. this is very interesting. claim is very, very interesting. everyone heard of.net. supposedly 20 times more
11:35pm
specific. it is a really large program of 20-megabyte would go in in bits and pieces to mrs. fix mexico and other slowly to a variety of things. one of the things we do, which is very interesting is look to see, is this vulnerable to detection? for certain types of things to determine whether it is going to be easy to attack or not so easy to attack. they took insight turned on cameras on your computer without you knowing c. within video average king you are doing on a daily basis. a return on your bluetooth on their and become a bluetooth -- what did they call it? a bluetooth became. very interesting. they hijack administrative passwords and it also would check for patches and fixes and
11:36pm
things to ward off this kind of attack to make sure they were detected. it did not have a field day. often times these things are a troll and kill themselves in the race themselves to the detection would be there. in this case it didn't have a chill day, but it had what was called red chrome vacuum and that's where they would vacuum up all the clues as they went so although it wasn't dad, it was torment and hard to see unless it is active in that it would do what it had to do and clean itself up and become again hard to detect. they are interesting. see the list of countries that it was really at it in. iran, syria, lebanon, saudi arabia, egypt. sometimes it is called viper. a little bit confusing because they often times see things get kind of melted into each other. like you know, a very
11:37pm
interesting whole incident. the size and sophistication of this was so great that i think the conclusion is clear that it was a government that was doing this. it is just unfathomable that it could then a smaller kind of scale operation. i think one of my colleagues is going to talk about estonia a little bit more, too. in 2007, estonia removed a statue, a soviet era statute and it caused turmoil between estonia and russia and lo and behold if it didn't become a lot of cyberattacks on mr. linea shutting down their telephone networks commissioning down their banking systems, websites and so on. government services and so on. it was never proven of his russia doing it, but the conclusion is that the very least of his russian hackers.
11:38pm
in the end, nato, who is very active in helping estonia understand this, nato step dad and ultimately there's a cyberdefense center both selection. estonia is the most connected country in europe. they are a leader in the government. that's when of the reasons why estonia is super interesting. i don't know how much my time -- am i good? >> you are good. >> i'm going to spend a couple minor on other ones. okay, so there's lots of incidents in my side of e-mail, targeted attacks to u.s. satellites. it looks like someone from china. i'm not saying chinese government, but someone through china for mr. cheney servers appear to have been doing the proof of concept. they were trained to see whether they could get him into the sort of thing. oftentimes you'll see if they
11:39pm
are trying to get in there and do this. it's a proof of concept probe. you will see a lot of interesting things between north korea and south korea. coded messages sent to 40,000 computers around the world with this botnet kind of a virus, and start being a zombie computers to paying a whole lap i got contacts, a whole lot of government website. the concept here is called distributed denial of service. if you have of this bombardment of interest in a particular server, of course it will go down. if you have a small girl trying to buy brittany spears ticket, you know what i'm talking about. so this concept of distributed denial of service was here. if you look, the u.s. treasury, secret service, federal trade commission, and the stock
11:40pm
exchange were all attacked by the 160,000 computers around the world tried to ping and to have access acting as a zombie bot. if you've read the news and the last couple of years, it's this worm that was attempting and i think was quite effective in shutting down the centrifuges in iran, which caused them to spend not control until they essentially burned up. duke who is assertive sister. i love the name. as a "star wars" fan you know who that is. but this is a sister and again was lucky not the industrial control system access. there's the sars virus attack on iran, looking to harvest information from executive pass and government organizations in iran. and then, similar to others, you
11:41pm
know, canada has had a significant problem in 2011, with the department of finance and other organizations that were working on a particular deal, including law firms who are on a specific deal relating to lockheed martin and the potash corp. of saskatchewan had a spear phishing issue. and i pointed out of law firms are extinct very vulnerable to these sorts of things. so i think what i'll do a scrapbook they are and as they need i can jump in and fill any other sorts of issues. >> thank you. >> our next speaker is mark nachman. -- nackman. >> thank you.
11:42pm
so in addition to performing cybersecurity services for the federal government, a significant portion of what we do is to help a commercial customers deal with the cyberthreat. so what i want to talk about today is what that looks like for companies. i want to hit on 10 to three basic areas. the first is to talk more about the environment. elizabeth has done a nice job setting most of that out. talk about with the lifecycle of a typical breach the looks like on a company's internal surveyors that works and then talk about what companies can do to prepare and if there is a preacher compromise how they can respond. a little bit about the spectrum of actors who are out there. this isn't necessarily going from least to worse, but i think it does go in order of
11:43pm
resources. so at the lower and the spectrum you have individual actors. these could be skilled computer. these could be people inside of your network that are exceeding their authorized access and stealing information from your comp any or worse. then there's a category of folks out there commonly referred to as activists. these are kind of loose band, sophisticated cyberfolks that are able to come together and identify targets and perpetrate acts against various targets. they tend to be loosely politically motivated, although not necessarily always. there's always the one-upsmanship spirit that they have typically. then you get into a level that
11:44pm
isn't necessarily any worse or any mars killed, but they tend to have a little more and the way of assets and resources and is that the actual organized cybercrime syndicate. these are people who basically steal information for a living. they're very focused on identity theft, stealing credit cards, bank accounts and the like and they can cause a significant financial damage. technically they'll focus on financial crimes. then you could get into the category that most of the other speakers are talking about and this is the nation actor level resources commonly referred to in the industry as the advanced persistent threat and it isn't uncommon that you can see some of the tactics that the advanced persistent threat users trickle down into the ranks of organized crime and their son theory out there that on occasion, some of the more advanced persistent threat actors will engage
11:45pm
organized crime or other groups and the locks we all work together collaboratively. this kind of gives you an idea of who's out there and really with the interests are. the advanced persistent threat isn't as much worried about certain financial credit card information as they are enabling capability to shut down critical infrastructure, steal national security information, steal intellectual property is valuable at either from an economic nation and economic competition model for aerospace and defense secret. elizabeth did a very nice job talking over the goals and tactics. one thing i would add is the value of this botnet style of attack is that it allows smaller actors to scale up to size and have basically an army of computers behind them.
11:46pm
so when are talking a bit about assets on the first page and resources, a botnet style attack someone with him and it resources to punch way above their weight and attack with a force for someone with significant resources. that is one plane level out there. a little bit about some recent statistics and this is taken from 2012 data breach investigation report. a whole lot of records that we know about were compromised in 2011. the vast majority of those breaches all came from outside corporate networks. a large variety of venues something that would be identified as a hacking tool or tactic. at the shocking point here is that 92% of those were identified a third parties. so it wasn't the company's
11:47pm
internal security folks or i.t. folks have figured out there was a problem. it was somebody they were dealing with, either a customer, client or partner and said were picking up some weirdness here and you might be to look at your systems. that i think is a very telltale indication of how much we have to go in terms of raising corporately are cybersecurity standards. i think comments from various leading government officials up there all back that up, including director of the fbi. i'm paraphrasing, but he said these two categories of companies. those that have been compromised and will be gorgeous so delicate. so that's the shocking statistics to take. it is not uncommon for a credit card company to come back to emerge it and say hey, our threat vector detection system is more sophisticated than yours.
11:48pm
we are picking up some indications he been compromised. here's what you need to look at. some recent examples of some very high profile and public incidents that have occurred recently. rsa, the cybersecurity company files was breached in 2011 and that led to a number of other breaches because their systems are used by many companies to provide this company's own security systems. in addition, there is a classic financial crimes case involving sony. i think that one of the takeaways from these examples is that these are not -- these are companies technologically sophisticated pressure in the cyberworld and they themselves were reached. so these are wal-marts for
11:49pm
companies that are selling are active in this industry. these are the income needs in the industry they were compromised. so that gives you an indication about the level of sophistication of threat that they are facing. the other thing to take away from examples as you know these are the taken from various sec reporting forms. that goes along with some fairly recent guidance that the sec released about reporting of breaches material especially and including in companies documents what the company is doing to mitigate the threat risks and identifying what the risks are to the company as a whole. so you'll see that the concept of this reporting, again and again. there was some pending legislation that was in the senate that would have requires a more thorough mandatory reporting. this sec guidance, that
11:50pm
legislation virtually didn't make its way all the way through. this sec guidance is issued as a compromise and now there's an executive order pending out there. the whole issue to disclose or not to disclose is very sensitive for companies, especially with rsa, for example from your whole company's model is based on keeping other companies save from cybersecurity. even a more shocking example that h.b. kerry. this was a company that marketed itself as having very sophisticated cybersecurity, cyberdefense, both in the government and corporate sector capabilities. and this one case, the ceo had made some public statements that he was about to out some members of one of the act of this group synonymous. when they found out, they
11:51pm
targeted and posted all of a treasure trove of that company's information on public sources out there. incredibly damaging to the company's reputation, to see his reputation, to the value of the company, to every company that did business and not their data also on their systems. so again, this is a sophisticated cybercome any good with itself compromised. the impact, they can be severe. stock prices are publicly traded companies can drop significantly. it's not uncommon to see a 5% drop upon the announcement of a reach. customers were so, especially in a company providing cybersecurity. your customers can stop buying your product in the state than what it is you're trying to sell them. that killed business.
11:52pm
in addition, significant state-by-state regulatory requirements. kobe often times find. often times those can increase. the longer it takes you to notify your customers that there's been a breach, that information has been compromised. and again, this can cause the companies, executives, customers or shareholders to be publicly embarrassed, to lose money, get fired and worse. it is not an understatement to say they have indeed destroy companies. now i want to talk a little bit about the lifecycle of a cyberthreat. i believe the most important thing for you to know about the lifecycle of the cyberthreat, especially in advanced for is that it's very complex and has multiple phases.
11:53pm
it typically starts out with the first phase, which is infiltration. this can happen in any number of ways. there can be a server-side attack, client-side attack here that could be now were involved. there might not be nowhere involved. it could be as simple as somebody said the company introducing something intentionally in your network. it could be any tactics we talk about, but somehow a threat manages to make its way into your come this network and basso a classically call infiltration. but that is in a compromise yet. that just means you've got an enemy inside the wire. so it typically happens next is once a thread is finished in such a network somewhere, it reaches back out, establishes a back door, where whoever's controlling it is able to assess where they are at come to figure out whether this is something they're interested in an establish command and control. in the more advanced threats
11:54pm
coming events via phase of propagation because typically doesn't land on a system to really wants to be unnecessarily. maybe doesn't access the specific data is looking for her. it is fair to cause damage and not steal information, it hasn't become pervasive enough to bring the network down. so it will work its way latterly across your new work. oftentimes the more sophisticated threats creating additional back doors. what we see time after time when we go into companies and are helping them with forensics to figure out what has been breached and how come it will think they have found the way -- the back door people find three or four more. so it's not an common for the more sophisticated threats to have redundant ways for the actors to retain their command and control.
11:55pm
that said the more advanced at your face, more sophisticated talent you need to bring to bear to fight it. but again, nothing has actually been breached at this point. others you have this further penetration deeper into your not work. a classic phase for a breach would be exultation. this is how the cyberthreat takes the data out. it can be pretty sophisticated here as well. it can use a number of different systems. it can involve e-mail. it might be a lot more sophisticated than that a new sports you wouldn't normally associate with the external communication. but somehow the data is taken out. sometimes it's automated. sometimes it's a slow flow of information. sometimes it's being done on a routine basis. unmatchable compote information out every three weeks and it's kind of scary to see sometimes
11:56pm
have disciplined the threats are. they're usually pretty structured with how often they come back. every two days, three days, every week. but this is a breach. if you have a cyberthreat trying to take down your network, you would have the execution phase, where the malicious code are the bomb or whatever is planted in your networks goes off in your system and becomes disabled. so the lesson to be learned about these lifecycles is there's numerous points in a lot of activity in a very sophisticated. the better solutions out there to help fight these will look in all these different places because if you just have the gate and authority to investigate, they're already inside. you got to have someone looking inside and someone watching your site traffic. that's the solutions in this
11:57pm
area. now a little bit about what companies can do to prepare. there are several resources out there that will give you best practices. i've got a link to the department of homeland security's website. there's a number of different cybersecurity standards organizations out there, but the number one thing companies need to do is adopt best part is. the second thing is establishing a relationship that reach coach. this might be new terminology we haven't talked about yet. breach coaches specialize in responding to incidents than half what companies through the steps they need to take. as a lawyer, maybe i'm a little bit biased but there's a strong argument to be made that attorneys make the best breach coaches and that's because the
11:58pm
advice that they are giving you is protected via the attorney-client privilege and because we talked about some liability issues here, we talked about the confidentiality issues if they die to make disclosures they might want to keep this confidential. this extra protections are very powerful. so that's one category although public affairs companies you see some of the major competencies and consulting firms act as breach coaches. establishing a plan ahead of time, like the military, even if it's just tabletop is crucial because knowing who was going to do what when something actually happens come in knowing who those people are ahead of time will save you very, very valuable time at the beginning of a response. no plan survives first contact with the enemy, said the slaves
11:59pm
or lucinda to be fluid are but a few that work up front when you establish plans and you know who's who and has command-and-control, it makes it easier when something happens to be with her kick into response mode. the other thing, this is kind of the new evolving area as well, but there's an cyberinsurance products available as well if your company particularly involves a lot of personal information, credit cards, bank accounts, private data. this can be particularly valuable insurance coverage for you, although i've seen some of these applications. they are very arrow and what they want to know about. if you haven't adapted your best practices, your insurance premiums will be significantly higher if you're dealing with people want more people want more readers want to get ahold of come you're probably
12:00am
presenting a larger risk as well. it's a relatively new market and i don't know that sum of the actuarial models have been perfected yet. so every insurer comes out of the little. you'll see some as an omission. some of the writers to general policies. some of them will cover remediation costs. your breached social typically higher and ask her to come in for a company like mine would be involved in the network. some of the insurance policies will cover fines and penalties you may see in some state regulatory structures. and they might then pushback i knew, the company requirements to have very quick notification policies so that their mitigating the risk that she make a late disclosure and your finest increase.
12:01am
so that's preparation. what happens when there is a breach? establishing command-and-control is going to be your number one priority. if you know who the boss is going to be ahead of time, that's a lot quicker and will happen more easily. although classical you'll find in some of his been tabletop to exercise in a draft policy committee's senior leadership interest may not be as significant as an actual breach or two may exert influence in the process of an actual response that weren't his fact even the planning phases. so hopefully take that into consideration and try to pull those people in as much as you can. you think of reach coach. again, the law firm model if you're really represent a unique advantage for companies especially and they can go ahead and higher the public affairs
12:02am
experts and they can hire the technical experts and they will work for the attorney and the work is covered because they are being direct aid by the attorneys. you need to establish awareness and this is where your technical experts, outside technical experts will come in and this is what you're going to have been. they respond to the internal i.t. disaster that were able to get onto the breach companies that works the better because if their i.t. folks of the security folks have missed it already, chances are they're not doing anything to help and may be making things worse by making it more difficult to figure out the nice forensic trail. but the number one objective is going to be to stop the bleeding as quickly as possible. sometimes the people in law-enforcement quickly, you can't be that there might be
12:03am
occasions here for law enforcement is going to want to do some things that might make this stop in the bleeding thing look a little bit different or respond maybe by putting some more feelers out there providing some bad data escape. but the goal of the company at least is to keep their data, whether 30 been compromised, from going out the door. then you need to figure out how to really was, what the damage was because the next thing you cannot have to do shortly after that is major notification. so what's he got a determination of which you've actually lost, you can figure out what kind of disclosures he made me to make or maybe what projects are now worthless because the intellectual property is gone but a trade secret is compromise. if it's a case where data is publicly posted on a website
12:04am
somewhere, and sometimes can be pretty easy to figure out the damage assessment is. but oftentimes they don't publish everything they've taken, so there might be stuffed compromise that was never put up a wikileaks. you still need to figure out what was compromised in what was then. that also goes into the concept of scoping, making notifications. pretty far down on the list because you need to do other things before you can notify what it is you are notified. that could be something you have to move quickly on because sa mentioned, there can be penalties associated with elaine in making notifications. repairing networks so it doesn't happen again. reinforcing and maintaining -- going back to the site before, best practices so hopefully it doesn't happen again.
12:05am
that's a summary of the corporate perspective. john come alternate back to you. >> thank you very much. the next that will transition us to the corporate perspective but what the subject matter and then get into some of the national security issues facing the issue. so i would like mr. bodenheimer to come up to the podium, please. >> thank you, david. >> thank you. >> pardon the delay here. we have obviously a cyberattack. i am david bodenheimer. i'm delighted you are here in the aba science and elegy
12:06am
section in aba public contract contract law session. but to give to william black to his work in the panel and the aba international section for putting on this terrific program, a topic i could vitter to be one of the biggest, scariest topics of our time. for those of you that are familiar with this topic, you may share some of my sentiment. i'm reluctant to say this on the public record, but quite frankly i'm terrified. i trust at the end of this you will be as well. the first time that i realized the cyberwar and terrorism is a hot topic is in the national research count will put out to scholarly publications on cyberwar, while at the same time "vanity fair" had cyberwar on the front page along with the
12:07am
british royals. that tells you they are covering both ends of the spectrum. as we know, the director of national intelligence, mike mcconnell famously said we would lose a cyberwar if it took place. the canadians would win, but i'm not so sure about the americans. this seems like an obvious question. cyberwar and terrorism.? well, did we have mr. carney in the audience? to win if you agree with mr. carney that there is no substantive basis for the cybersecurity threat by notetakers? that's too bad. i was hoping to have somebody to pick on for today. mr. carney apparently hadn't talked to the president. the president said cybersecurity is one of our most serious national security threat.
12:08am
it had already been levied against certain cities to black them out. it is 30 been years as my co-panelist mentioned as a prelude to the shock troops before the russians invaded estonia and georgia. this is a bipartisan issue. you have senator lieberman saying cyberwar and cyberthreat is a clear and present danger. cinema senator collins, senator carper. go down the list. they will all tell you they too are scared about the threat. mike mcconnell before national intelligence warned that in the buildings in new york, the terrorist had direct a cyberattack the largest banks in
12:09am
knee-jerk, the economic impact would've been 10 times worse than 9/11 actually was. this is not a theoretical threat. those of you who have trouble accessing your bangs, senator lieberman has pointed to the ukrainians as retaliating against the u.s. bangs for the stocks that attack, which i'll talk about momentarily. our power grid. what is the risk? well, one if terrorists want to break into our power grid. those of you that have fled a few days without power as mark and i did when the future is not down our power lines, well, there are already according to a member of the expert, foreign nationstate that are in our networks in the power system. the operation aurora a few years
12:10am
ago proved to cyberattack can bring down the power grid with a cyberattack on one of the systems, causing it to bitterly shake it felt to do. and if you've noticed, you can't go to wal-mart and pulled these power systems up a shelf. it takes a few months to get them back. a few months about these systems could be a $700 billion impact. the intelligence community in the u.s., they are afraid to. they warned that already nationstates are in our power grid. se/30 heard from john harrington , for the first time that i recall a sitting u.s. secretary of defense has warned of a digital pearl harbor, meaning bringing down the power
12:11am
grid, bringing them water systems, air traffic control, essentially paralyzing the country without spending a single airplane for shipping to u.s. territory. some people say, like mr. carney might come of this is science fiction. it's not really going to happen. not true. well, if you look at the virus which elizabeth talked about in her discussion, that was one of the single most technologically advanced viruses ever found at the time. it took months to prepare millions of dollars. there were only five countries on the face of the earth that had the technology capability to put that together and it brought down 100 centrifuges in iran, which i am pleased about. that particular virus exploited for zero day vulnerabilities,
12:12am
meaning nobody even knew where the software but also required theft of a digital certificate, the equivalent of breaking into fort knox to get one of those. the senate homeland security committee also had testimony of a cyberattack on a pipeline caused her to spin up and explode with the force about one fifth the size of the heuer shema bohm. china has identified cyberdominance as a national policy by 2050. my prediction i think they're ahead of schedule. i want to shift now to talk on a different topic, which is contractors in the private sector, what cyberwar means in that arena. america does not go to war
12:13am
without contract nurse anywhere. as we know, they've been on the battlefront and the kinetic warfare business or i can assure you of the cyberwar business is going to be doubly sure. for the private sector and contractors on the battlefront, they're going to be caught in the crossfire of the cyberwar. i want to describe some of the risks companies need to be aware of as they could into the mix of the cyberoperations and what it means for the company. there's several reasons that it's going to happen. one, there's not enough expertise in the world on cyberwar and terrorism and cybersecurity to handle the work. there's not enough for government, not enough in government, not enough and private sector.
12:14am
you're going to have both in public or the partnerships that are involved in putting together offensive and defensive strategies on the cyberbattlefield. as the public safety minister for canada side, we are already in a global arms race that will pull the private sector in. for many of you in the private sector are advising the private sector, your clients want to be in that business. it's one of the few areas in the times of fiscal austerity in the budget crunch that you can actually find the money and spending going up. so they are going to be there. international law and the battlefield, jason chipman is going to discuss that in more detail. in many ways, we are on the front tier. the law is old, but when you try to apply it to cyberweapons in
12:15am
cyberattacks and what is an actual attack if you have a denial of service attack on a particular business. a bank, is that in the international treaties and conventions. we're going to be testing them. we will find out in the future. right now the president is somewhat uncertain as to what it all means. there are three scenarios for the private sector and contractors where there are risks. one is insisting on offensive operations, essentially developing cybermissiles and other ways to attack. what does that mean for international law? what is the authority to attack? generally you have to be attacked before you can counterattack. he can't be a reprisal.
12:16am
but what is the protection for a government that does that? what are the rules? somewhat unclear. it's even more are for contractors assisting in developing cyberweapon particularly as they go awry. what about authentication? elizabeth mentioned botnet, many times the contractor, agency or others trying to trace back. who brought the cyberattack, marna works? well, what we found as clients have noticed a cyberattacks on their systems are coming through the local community college. virginia. who's going to take down the network? obviously they're not the ones doing the attack. the real attack is coming from
12:17am
another country. you have the community college. does that violate the computer fraud and abuse act within the u.s.? the new trace the attack over to germany. well, that's another front, another botnet. you keep going. does the tracy and authentication into the european community violate the convention for cybercrime. still unknown. we'll find out. within the u.s. electronic surveillance law. you know, what are the rules for authentication, identifying the attack in turning around to attack the attacker. within the u.s. there is some uncertainty about who does what and who has responsibility for different parts of a
12:18am
cyberattack. those in the business collet the park chambers part 50. the u.s. department of defense. that's his authority. but it has limited authority to operate in the u.s., whereas the intelligence community's are not supposed to be operating in the u.s. what does this mean for contractors? one example is for ricin. verizon was helping nsa in the course of trying to track the traffic coming through the line and providing that assisted. what happened? for ricin was sued $50 billion. for the telecoms, date assistance of congress with some indemnification statutory protection. that doesn't exist generally for all companies and particularly in the offense is
12:19am
cyberoperations arena. what about defense? many, many more companies will be involved in defending against cyberattacks come a cyberterrorist cyberterrorism event. when a company build a particular cyberdefense solution, what happens when it fails? as mark discussed, the rsc reach, they are in the security business. they had to breach themselves. companies in this business are going to be breached. they're going to have technology that fails. what is their protection? one would be the government contractor defense except for the fact that it only applies under limited circumstances. for example, when the government specifies the requirements for the system such as a detailed level three drawing package for
12:20am
helicopter. generally are not going to have that for cyberdefense. the safety act. some of you may be familiar with the safety act that provides liability limitations for homeland security contractors developing antiterrorism technology. that would be a great solution except it has limited applicability. it does not apply except to ask of terrorism. so the nationstate makes the attack, you don't know whether you have coverage or ternatively, if there is an-- attack for which you can't attribute who did that, then you can't tell if it's an act of terrorism. what about indemnification? there's indemnification under limited circumstances, but generally the department defends
12:21am
hamm sat out on a very limited basis. what about other scenarios? it's a technology sales can the government make a claim against the contractor? perhaps he can. third-party liabilities is that the verizon $50 billion suit. limited protection there. insurance coverage does exist, but it has some severe limitations as mark discussed in this presentation. finally, what about the private sector standing on the side lines? that is a risk area, too. there will be times -- excuse me, there will be times that there will be a botnet attack coming from your system. somebody has taken over your systems. if the government shuts this down, what are your options?
12:22am
can you bring a fifth amendment taking plan? is unclear. if you're a contract year, can you claim a suit under the contract disputes act? again, unclear. the last item i will discuss is denied network access for many contractors if you cannot connect to a federal agency or your customer, that is essentially an economic death sentence. but if your systems are compromised, you are likely to have the plug pulled on your system. in the circumstances, what are you remedies? again, it's unclear. we are truly operating in the wild west on the front tier and many of these legal issues will be determined in the next few years and many of you may be in the middle of determining that. thank you. >> thank you, david.
12:23am
well, moving on to potential responses than what the law states in terms of our response to that. we have jason chipman who will be our last speaker. we are going to follow this up with questions than answers. >> hi, thank you very much. thank you to john harrington and the other panelists here. so i do want to leave some time for questions, so i'm going to try to offer up a few observations about this topic, how we talk about cyberwarfare and cyberattacks and maybe break out those concepts of it, talk a little bit about the international legal framework that's relevant here and offer up a few thoughts and observations that might generate some discussion relative to
12:24am
domestic laws in this area. so one thing that's interesting to me is the press accounts often use the word cyberattack. there's been some cyberattack on a company on a business or some institution. and that's fine, but they often mean different things. sometimes they mean there's been an infiltration into a network for criminal purposes. there's been a criminal offense. sometimes they mean there has been some sort of espionage activities that also is likely a criminal event. we have seen lots of, though as you've heard were starting to use the perhaps more cyberattacks that are maybe something like an armed attack under the u.n. charter conceivably i suppose, even inactive or, though that is
12:25am
debatable at this point to whether we seen anything like that today. i put a few appear that are relevant. computer network attack talking about that encompass different things. computer network exploitation is basically a to infiltrate a computer network for any of the purposes i just described. it may be some of armed attack. maybe it is for criminal activities and you're hoping to be surreptitious about which are doing. babies are espionage and again are hoping to be surreptitious. so i have an example of how these concepts interrelate to one another and how if you're in the business of computer network defense, you're trying to defend networks at your company. if you look at this from a policy perspective for the united states, for example i'm how vulnerable is the united states? how vulnerable is our critical infrastructure, nuclear power plants, things like that.
12:26am
you quickly see that an infiltration into the network might be to steal a social security number, maybe for espionage purposes is a harbinger attacking a disruption. i have a few examples to illustrate some of these points. this one is particularly striking. a few years ago the deputy secretary of defense at the time published an article in foreign affairs, where he described was really a two-step vac i think a rather extraordinary event. he described in 2008 a defense department computer network was compromised by malicious code on a flash drive -- thumb drive presumably. the flash drive code, he said, was placed there by foreign
12:27am
intelligence agents be that it had uploaded itself onto the u.s. central command network and that the code spread undetected on both classified and unclassified systems. one of the most striking things about that statement of foreign affairs is he said u.s. government classified networks. and he said this established a digital beachhead from which data could be transferred to servers under foreign control. this is the u.s. department of defense, having both classified and unclassified computer networks infiltrated, presumably for some sort of espionage purpose, but perhaps for something more. and that's one of the real concerns here is that this sort of amble traditions that we see and that the other panelists have talked about you could
12:28am
imagine being harbingers of something more destructive or something more problematic. i think one of the other panelists mentioned a quote from the fbi director. nec the same concerns in talking about in the commercial sphere, to. he said basically every company is being hacked one way or another and it's not a question of when they will be hacked, is when it will happen again. that might be a pessimistic view of how our candy. that certainly been. my only point -- the only other point i want to make on commercial data is that she's the recent report, issued by verizon about data breach investigations that just that at
12:29am
least in recent years, large numbers of serious cyberchurches have been aimed at taking authentication credentials. ..
12:30am
>> within that category, there's computer network attacks, defensive response, so namely, your system's under attack somehow, your system's infiltrated, and, perhaps, you have the capacity to respond back so this would be a retaliatory strike of some nature. with that in mind, i thought we could talk about ways in which, and some of the other panelists touched on this, ways in which these offensive tools are used as instruments of warfare. i think, from my point of view, and others said this too, i suspect it's inevitable that future, major military conflicts, so let's think of future land wars, will have a cyber component to them one way or another. it seems likely in the future these tools will be used by
12:31am
foreign militaries, perhaps our own military, towards whatever military objective or whatever ends are in stake in a conflict, and i think just from press accounts, there's reason to think we've already seen early examples of that, and some of the other panelists touched on events in estonia in 2007 with a dispute with russia and various banks, and government institutions in estonia were hit with denial of service attacks saying that attacks that kept their -- those institutions from at least running on the internet, prevented the websites from working, disrupting operations one way or another. interesting, in response to the estonia events, nato established a cyber security center of excellence in estonia in 2008,
12:32am
and they've been studying this from nato's perspective to a law of war perspective sense -- since then, and recently establishedded a treaty on the subject of war of war and cyber wear fare. you see it in georgia, press accounts suggesting that the russian government was behind cyber attacks that occurred contemporaneously and prior to land forces going into georgia in 2008, and there are other examples like this and as one of the panelists mentioned, as john mentioned in the introduction, even secretary panetta recently gave a speech, and, according to the press accounts, the officials at dod suggested that iran has been behind a number of cyber attacks in the middle east in recent months.
12:33am
i think, with that in mind r you see an international response of countries and organizations like nato, the u.n., former soviet block countries. there's a group called the shanghai group including china, all trying to struggle a bit with how to think about how to use cyber weapons and how to use cyber warfare capabilities in the future, and how those ideas -- how -- what happens with those ideas when they hit our international legal norms that we've been used to over the past number of decades. the u.n. charter, the use of force, what prompts a right to self-defense of the nation state, and you see here, and there's lots of examples like this, the u.s. 2010 national security strategy describing
12:34am
cyber threats to particularly serious -- the russians have also come up with their own statements about when force can be used in cyberspace. you see this in the u.k., canada, and most major military, especially western countries are articulating strategies about what does it mean to use offensive cyber weapons, when would we use offensive cyber weapons, and what are legal norms associated with that topic? now, i think when you start talking about the law here, it's easy to imagine that we're talking about something very new, and i usually debate this idea that you hear it a lot. you hear sometimes people analogize cyberspace to outer space or the high seas or very new areas, perhaps, even lawless
12:35am
areas where there are no legal frame works that apply. i don't -- i think that's, in general, a mistake, although, no doubt, there's very complex issues and very new issues that countries are facing because of offensive cyber events. i think the legal frame works we have, in general, can be brought to bear to those new problems and updated and changed as needed. there's an interesting quote from a book that just came out, quite good, called "the journey to the sent -- center of the internet," and the author talks about the digital age, the networks of the interpret are affixed in real physical places as if any railroad or telephone system was. servers are in some country, and if you invade a server in that country, you probably violated the laws of that country.
12:36am
cable lines, kegging computers and servers, traverse different nations. they might go under, but there's laws of the seas that address those sorts of issues. the u.s. position is there's no need to think of new norms. we don't need to reinvent customary international law in this area. i think if you -- so you can take some easy examples of what that means. what are the use of force in cyberspace? there's a lot of academic commentary and discussion about that topic right now. well, some examples are quite easy, and they are largely effect-based so is there an intryings -- intrusion into a system that causes a physical effect that if it occurred with a bomb, for
12:37am
example, you would say, well, that was a use of force for international law purposes, a use of force under the u.n. charter, maybe an armed attack in the u.n. charter. you caused a nuclear power plant to melt down, and that wreaked havoc. it's easy to say that's a use of force. a dam opens, floods a region, that, too, is a use of force. what can you do in response? i think here the basic, legal international norms probably -- generally apply so concepts of proportionality, con cements of distinction. you have to -- con cements -- concepts of distinction, you have to have military forces, a proportional response, and the u.s., the legal adviser of the state department gave a talk
12:38am
says for years the u.s. has taken the position it does not distinguish between a use of force and an armed attack against the united states in terms of triggering the u.s.' right to respond, but the response has to be proportional so that -- which is to say that any use of force-under-par -- force under the use of force would trigger a right to respond. he was clear saying that's a right to respond with a cyber attack in response or with military forces. it's the right to respond as a nation state and make a military response with whatever tools are appropriate. this, and i'm conscious of the time. i'll do this quickly. this is a chart published by two authors, published by the belfar
12:39am
center at harvard. it's interesting. they've attempted to capture the ways in which these ideas of different objectives, use of force, cyber attacks, effects of a computer intrusion might trigger different responses, and so you can see here in the chart that there are differences between offensive objectives, defensive objectives, informational objectives, which is to say espionage or criminal activities, but these things can interrelate in very complex ways. timely, because i want to leave a few minutes for questions, i think i just want to make one observation about domestic law in this area. so the u.s. has obviously been thinking a lot about military
12:40am
activity in cyberspace, congress and the national defense authorization and 2011 said quite clearly that it's congress' view that the department of defense and the president may conduct offensive operations in cyberspace within international legal norms consistent with the war powers resolution, for example. although, i think international law generally applies in cyberspace, and i agree that it doesn't need to be reinvented, i do wonder about our domestic laws and domestic policy inside cyberspace so if, indeed, especially where we think about very offensive, kind of a major attack against the united states, and if, indeed, we believe there's a serious risk of that, of some major foreign nation state attacking l --
12:41am
the u.s. through cyber means or a terrorist group making such an attack, i do wonder whether we're positioned to respond to that like we are in the physical world. by way of example that i think about sometimes, if you envision some sort of hosht event where foreign military invades the united states and jets fly into the united states, we might not all know the exact rules of what happens in response, but i think most of us are fairly confident that northern command, the military responds, jets are scrambled, people basically know who is supposed to do what. although, there might be a great deal of confusion on the ground about what's happening, the basic frame work exists for a response. i'm not extremely confident that that frame work exists in the cyber realm that if there's an attack into the cyber infrastructure and critical
12:42am
infrastructure, it's not clear to me that we know who is responding, how they respond, how they get access to the various networks they need to respond. i think you'll start to see more and more discussion of that topic in the future. >> thank you. >> i think we have a couple minutes here for questions. >> we have a few minutes for questions so it is very mystifying topic. obviously, it can affect all of us if anything ever happens, and so i would like to open the floor for questions. if you keep preliminary remarks before the question brief, and the first hand up is almost in the back, on the aisle. >> [inaudible]
12:43am
[inaudible] [inaudible] >> who would like to -- >> well, i think, i don't know if it's in the spirit of world war ii or rises to that level,
12:44am
but there is a group commonly referred to as the defense industrial base, dib, of some of the largest defense contractors that have all signed a memorandum of agreement with the government, sharing threat data together, and then through the u.s. department of defense, defense cyber crime center, that data is analyzed, forensics performed on it, and information is shared back with the dib members on how to improve defenses so there is a -- that is a, i think, a -- that's been pointed to as an example that could be expanded broader than just to companies in it. there's pending rules, and that was kind of the spirit behind, i think, the bill that died in the senate, of expanding that so there is an example of an industry government sharing of
12:45am
information. i wouldn't say it rises to the level of, you know, people aren't making posters of, you know, work together, and, you know, selling war bonds like world war ii there. >> we're at the hour and a half point. i had an announcement before we lose the feet here that we have the next national security program at the dc meeting and wednesday, april 24th, at 11, responsibility to protect from deploam sigh to action, and that's regarding two years into the arab spring, what's our responsibility to protect millions, vis-a-vis libya and syria. okay, next question. >> [inaudible]
12:46am
>> well, i think, i guess from my point of view, there are a lot of issues out there in the terrorism space, and in the military, traditional warfare space that are no doubt very complex policy issues. i'm -- i -- even your example right now, i -- i don't disagree there are all sorts of very complex threats out there, and you see this with secretary panetta's recent statement about computer attacks on banks and
12:47am
whatnot, but -- and computer attacks in the middle east, and recent articles about this, but even those examples, it's not clear what the international legal deficiency is. it's not to say there's no need for changes or no need for -- there are not hard questions out therement i think there are, but i suspect that most of the hard questions are the same hard questions we have to muddle through in the physical space. like, if there's app attack on the u.s., a physical attack, it might take time to figure out who did it and what are we going to do in response and what's the appropriate response, what's proportional, what are the tools we have available, but i take your point that these are, indeed, complex issues. >> i saw a hand here. >> this is a bit off topic -- [inaudible]
12:48am
>> sort of analogous shutting down the airlines two weeks after 9/11; correct? >> [inaudible] [inaudible] [inaudible]
12:49am
[inaudible] >> so that's a devining of what might take place. elizabeth, do you have -- >> i was just going to say one thing which is in may of 2012 in a video posted on the internet attributed to al-qaeda, they called in -- it's a lengthy video, and in it, they call for what they call translated as an electronic jihad, and in that video, they discuss what you're mentioning, which is that, first off, they liken the vulnerabilities within the internet to being like the vulnerabilities in the aviation security area pre-9/11, and then they say that, and on top of that, of course, shutting down the capitalist, you know, american exis a goal in and of
12:50am
itself. >> until >> -- >> it's not just the attack on the internet, but the culture, and the culture is seen as bound up in the use of the internet for e-commerce, entertainment, and other areas perceived as worthy of attack. >> i'll just add that i think there's immense -- you're describing an immense problem and real intention there in terms of the security and keeping the internet open, the state department, and secretary clinton spoke frequently about an internet freedom agenda around the world and keeping the internet open in places like china and regimes that might be trying to crack down on the free movement of information, and i think it's a real tension, worthy of a serious debate, i think. >> any other questions? well, i want to thank the
12:51am
speakers for coming, all four, from far and wide, to speak on the very compelling topic, and i invite further discussion on this down the road. if anybody's interested in our subject matter, please, feel free to approach me, william black, or any of us, and hopefully, participate in our committee. thank you very much. [applause] [inaudible conversations] okay. i need help here. >> try to get up without anybody knowing? >> trying to get him there, and he just roll himself out. >> oh, the morphine. >> he was issued the bottle today, 20 minute, and he's taken ten tablets. >> he'sway, oh my god, that's ridiculous. he's a little high right now.
12:52am
>> at some point, he could stop breathing taking too much narcotics. >> we're going to be doing cpr on a patient. >> where is the sergeant today? >> we followed him after the plane ride for many months, as i said, and he ended up entering himself into a program at walter reid where they ended up using acupuncture, meditation, using other techniques to wean him off of all the drugs he was on, and through had this program, he was able actually able to walk out of walter reed op his own two feet. i commend the military for, one, allowing us to tell this story, both the good and the bad, but for recognizing this problem, by recognizing that there is this problem of over medication, and that they are looking for outside the box ideas on how to fix it. i mean, that's sort of the whole
12:53am
thesis of the film, really, the metaphor that, you know, the status owe is not working, and we have to look for outside the box ideas. >> more with the producer and director of "escape fire: the fight to rescue america's health care," sunday night october eight on c-span's q-and-a. >> coming up on c-span2, the washington institute looks at the impact of the elections on middle east policy.
12:54am
c-span programming is good because they cover both sides of the issues, and the moderators do a good job of staying detached, not offering their opinions, but saying, hey, what's your opinion? very comprehensive about covering the different, both the house and senate and different other woodrow wilson center and other public affair centers here in ck that i wouldn't normally be exposed to. >> jeff wright watches c-span on comcast, c-span, created by america's cable companies in 1979 brought to you as a public service by your cable television
12:55am
provider. >> next, former obama adviser, dennis ross and former george w. bush adviser, james jeffrey, discuss challenges facing president obama in his second term in the middle east. they look at unrest in syria and concerns about egypt's new government. this is an hour and 30 minutes. [inaudible conversations] >> good afternoon. good afternoon, and welcome to the washington institute. i'm rob sadloff and delighted to see you here today. i think the interest in foreign policy in the wake of our presidential election is certainly evidence by the standing remotely crowd we have here today. we are now already into the process of transition, a transition even with the same
12:56am
president, transitions are the most flute and receptive moments in the presidential cycle to have an impact on the policy process, and so i'm -- i take it as a good sign there's so much interest in the foreign policy process by your presence here today. now, i think the transition from a first to a second obama administration may, of course, begin the day after an election, but it doesn't end on inauguration day. this process is going to continue for sometime. as the president's new or old team takes shape, and where necessary, seeks confirmation, as the new old team goes through the inevidentble period of reassessment and redefinition of priorities and opportunities and as other issues, domestic issues, the fiscal cliff, for example, impacts foreign policy, and not forget as the world recalibrates changes or as some say, the lack of changes, here in washington.
12:57am
at the same time, as we begin to talk about foreign policy in a seg obama administration, let's not forget that history doesn't stop or even slow down in the middle east. elections are coming up. israel, jordan, egypt, iran, and elsewhere, we're seeing in front of our eyes more violent change happening in syria. the reverberations of which felt on every one of that country's borders. elsewhere from beirut to bahrain, domestic politics in a low boil ready to burst out in a way that can affect our interests in very fundamental ways. there's two problems at the far ends of the threat spectrum. the iran nuclear challenge on one hand and the spread of al-qaeda and affiliated terrorism on the other that will continue to dog unless we forget within less than a year of
12:58am
taking office, both presidents obama and bush, his predecessor, faced with previously unforeseen events that fundamentally challenged their middle east policies. 9/11 for president bush, and the arab spring for president obama, so there's a lot on the agenda. today, we're going to take an early look at what will be and what should be the foreign policy of a second obama administration in the middle east. now, we, at the washington institute, for us, this is just the beginning of a quite a number of events and undertaking. we'll be producing a series of transition papers on key issues, sometimes by our sterling institute research staff, sometimes by outside scholars and practitioners we've commissioned to take a look at specific topics, and so over the next several weeks, we'll come together with some frequency, both here in person and in the
12:59am
cyber world to focus on discreet, individual topics, but, today, we begin the process with a more general discussion in which i and my two distinguished colleagues examine the broader issues at stake in the middle east for a second obama administration. at this moment, if i can, just remind people, if you could please turn your cell phones off, not just to silent, but totally off, we are broadcasting live on c-span and we have other esteemed members of the -- of the journalist world here with us filming and recording. now, each of my colleagues has special experience dealing with second terms. my colleague, dennis ross, who leads off, first came to the white house at the beginning of the second term, the second reagan administration.
1:00am
in fact, the first publication at the washington institute before going into the second reagan administration, you didn't think he was that old, did you? the second reagan administration was our first ever publication titled middle east policy planning for a second reagan administration so dennis has great experience in dealing with second administrations. he did it not just with roomed reagan, but with the other side of the aisle with president bill clinton which he saw up close from the inside. both administrations had fascinating initiatives in the middle east. he was involved in the most noteworthy middle east initiative of the second clinton administration, which, of course, a major push for the
1:01am
middle east in the final year of president clinton's second term. jim jeffrey, just retired from diplomatic service after completing the tour as u.s. ambassador in iraq. prior to that posting, jim was u.s. ambassador to turkey. he was on the front lines of two of iran's neighbors, and lest we forget, also on the front lines of two of syria's neighbor. he had a fascinating perch to look at the most important issues on the administration's agenda. jim also knows about second terms from his experience as national deputy security adviser in the bush administration, and that, of course, in that second term, we saw at least two major middle east initiatives, the iraq surge and the annapolis process. we have two second term experts to open our discussion on what
1:02am
we will look for and what to look for and the second term of president obama's administration, and them i'll come back and offer remarks of my own. first turn to dennis ross. dennis? >> thank you, rob, thank you for remind e me of my age. i was a child prodigy. that's one of the reasons i was assuming that role in the rage p -- reagan administration. it is true i have the experience of seeing and planning and working throughs beginnings of second terms, but one of the important things to keep in mind is precisely because it's a second term, you have an administration that already has an established approach to the world. you may well have different personnel who come in, but if, in fact, it's the president shaping the policy, the decision maker, you have a certain orientation so i think the orientation is not something that is necessarily going to change, but you can see a set of
1:03am
challenges that have to be confronted, and if you look at the obama administration, and you look at the greater middle east right now, the reality is the three of us don't have sufficient time to go through all the things they will con prompt. i'll do a quick sketch and focus on res i think will be most prominent in the early going. iran, almost by definition, an issue occupying the president from the beginning of the administration and will be more important in 2013. i'm going to explain why i believe that 20 # 13 will be the decisive year one way or another. the arab awakening, you said, i use the term "awakening" opposed to "spring" because it's been an awakening. spring implies it's an early transformation, early flowering, a wonderful reestablishment of a new kind of middle east, and it was going to happen in a linnier
1:04am
fashion, and we would be thrilled by it, and the fact is, to say at some point this arab awake ping may not, in fact, produce a really genuine change that could be for the better, but what's worth noting is it takes a long time before that materializes if it does. that will be on the agenda and shape what the president does. syria is a manifestation of the awakening, but it's a manifestation that's gone in a direction that is profoundly bad, and increasingly looks like syria could be a failed state unless something more is done. there is the on going challenges of al-qaeda in north africa. there are other challenges throughout the region to be sure. there is the whole question of peace, and is an approach to two states going to be sustainable over time? there are a series of broad challenges in the middle east, and i have not even mentioned
1:05am
one other one that could be confronting the administration which is succession in saudi arabia which, in and of itself, could raise a series of interesting kinds of questions. now, if you think these are the only challenges to face, that's not the case, but we're here to talk about the broader middle east, and what happens in the terms of the middle east, china, orientation generally, how it affects the economy, but also in the middle east, something that has to be thought about, and there's also the question of the european union which will impact again, not just the economy, but could have impact in terms of what happens in the middle east. we'll reserve questions for the q&a, but i want to focus on a few of the key issues that are most immediate and prominent. in iran, 2013 will be a decisive year.
1:06am
for many people who have memories say, well, gee, there's a lot of people talking about iran for a long time, and every year's supposed to be the decisive year. why this year? for two reasons. one, i think, actually, the impact of sanctions is profound. for the first time, it is truly profound in the case of iran. the supreme leader, two weeks ago, referred to the sanctions of being brutal. his words, the sanctions are brutal. this is someone who has said on an ongoing basis, look, we lived with sanctions since the beginning of the islamic republic. they make us stronger, receive sufficient. there's a long litany describing how the sanctions in effect ultimately iran turn to its benefit. now he's saying that the sanctions are brutal, and the truth is, they are brutal. look as what's happening in the irani energy area. it's not only the fact that they are able to sell, you know, less than 50% than before, but their
1:07am
production, their output is down from over 4 million barrels a day to 2.4 million a day. that's because of the sanctions because the opportunity is not there to continue to invest in the infrastructure, the inability to continue to pump and store oil as they shut down oil, it's not easy to recoop. you look at the currency, the devaluation. there's estimates the currency's devalued by half every two months. think about what that means. that means what you buy, when you go and buy something, it costs twice as much, and what you have in the bank is worth half of much. if this continues to happen, it's bond to affect the society as a whole, and, again, look at what the supreme leaders said over the last couple weeks on more than one occasion, he's explicitly called for officials to stop fighting each other, and it's not the first time that's happened, but it's interesting when you look at the criticisms,
1:08am
when the head of the revolutionary guard is criticizing the head of the central bank for the currency problem, that says something interesting. why is the guard commenting on the currency? it's not just the speaker of the parliament is attacking the iranian president, but the head of the military is attacking the irani president for the mismanagement. the focus on their economic problems has become acute, and in a sense, what that suggests to me is, again, they may be increasing interest in looking for a way out. you look at the congressmen tear today that's emerging, and, you know, when you have the min industry of intelligence website offering an analysis suggesting that deploam -- deplume sigh could make sense, better than the use of force. it's not the commentaries seen in the past. it doesn't mean diplomacy produces the outcome we want, but it means, in my mind, the comanses --
1:09am
chances for diplomacy working and producing something are greater now than before. that's not necessarily the only reason or necessarily the most important reason why this year is the devicive year. the reason is even though they are under great economic strain and penalty, their nuclear program continue, and the problem, from our stand point, is that the president has made very clear that our objective is prevention, not containment. period of timing -- preventing them from having a nuclear weapon and not living with it after the fact. by the end of 2013, if the pace of the consistent nuclear development continues, we may not know. that means, to me, that if you're objective is prevention, and by the end of 2013 you may not know whether, in fact, you can prevent them from actually presenting the world with a nuclear weapon, then that increases the sense of or urgeny in getting something done, and
1:10am
what the impact of the sanctions have been, the reality that prevention, if it's going to have meaning, we may act on it before the end of 2013, leads me to conclude that we will see some kind of significant diplomatic initiative by the president, by the obama administration, on the nuclear issue with the iranians because no president is going to end up using force without having demonstrated unmistakenly to the world and american public that we exhausted every possibility before resorting to the use of force. i'm suggesting to you the combination of the pressure on the one hand, the pace of their program on the other, and the likelihood that they will at least be given a way out, means we see it come to a head. either there's the way out throughout the course of the year or the prospect of the use of force, i think, goes up dramatically. for me, 2013 is decisive on iran. second r i want to raise is
1:11am
syria. there's a trend that looks like syria could be a failed state. the prospect of the failed state, given who its neighbors are, iraq, turkey, lebanon, jordan, israel, the prospect of a failed state, cop fliblght radiating outward, all of that creates an increasing pressure to do more to create a situation there. it is not an accident that the secretary of state is doing more now to create an alternative and produce a coherent syria opposition. my own feeling is that that's one step that will be taken, i think, there's more steps to be taken, and i think in this regards, one of the things to be focused on is not just this emerging idea that it's come out of turkey about a new way to produce a no-fly zone meaning
1:12am
use patriots as a more interesting, innovative, creative way in creating no-fly zones. i believe the prospects of us providing assistance to the syria opposition goes up, and i say that because the balance of the forces in the opposition is such that as time goes by, and the radicallists are the ones with the money and the weapons, they will be much more dominant in terms of that opposition. that does not serve american interest or the interest of stability in the region. here, again, i think the prospect of the administration, seeing the need to do more is going to go up, and i think the focus on the opposition is one manifestation of that, but i think that's not the only one. third area that i would like to focus on briefly is the whole issue of the arab awakening, but with app eye towards egypt.
1:13am
what we see in egypt is an interesting duality of realities. on the one hand, we find the muslim brotherhood, the president no longer a member of the muslim brotherhood, but he surrounds himself with people who are, and the reality is, today, the muslim brotherhood controls the institutions of the state with the exception of the judiciary. one can assume that they will make more and more an effort to gain control over that as well, but the muslim brotherhood has a clear ideology. anybody who thinks it's going to disappear, i think, is kidding themselves. when i talk about a dual reality that exists, you see on the one hand, a reality where the president sends 5 letter and there was a backlash from the
1:14am
muslim brotherhood, and then the president denies the fact. it's never a good sign when you deny a fact because the ideology doesn't permit you to acknowledge a fact. when 16 egyptian soldiers killed. the first response was to accuse the others, and, again, obviously, not true, having to create a reality that's an alternative reality, not a good sign. it's true the president didn't say that, but the muslim brotherhood did say that. the supreme said all jews are corrupt, call for jihad. all israelis understand is violence. when there was a backlash, the brotherhood said we didn't say it. when you deny reality, it says something for the durability of the belief system, something about the inabout to adjust it to the real world, and that's not a good sign. there's another reality that also seems to exist at the same time. that is a recognition that somehow if the muslim
1:15am
brotherhood and if morsi build credibility in egypt, they have to deliver meaning addressing the economy and that requires a certain set of imperatives. it's interesting that when the muslim brotherhood was not in power, the staff in power, brotherhood was against the imf stan by lope because one of reasons it leaves the conditionality imposed, and now, the president is in favor of it, and not only prepared to accept the conditionality, butments the loan not to be 3.2 billion, but 4.8 billion. again, recognizing that there ts an economic need with a need to respond to it. you had maybe the largest delegation of american business people go about six weeks ago to egypt, led by the american chamber of commerce. they met the president, all the leaders of the muslim brotherhood, and everyone they spoke to say we want to do business with you, partner with you, create an environment and
1:16am
climate possible for you to invest in us. we know we need this. the renaissance plan, itself, is governed by a certain economic logic and rationality so here are two different interesting realities. the economic imperatives seem to be understood by the egyptian leadership. the recognition that somehow they actually have a public that they have to respond to, this is not simply the egypt of mubarak where you discount the public, seems to affect their thinking with implications for what the administration will do. it means that if we stand by certain principles, which, in my mind, reflect practicalities, that we have an ability to affect our behavior. it's a practicality for them. if you see large numbers of the christians leaving egypt, that's not exactly going to be a source
1:17am
of encouragement for people on the outside to invest. if they exclude half the population, 57% of egyptian women who are illiterate, it's not a prescription for egyptian society. it's our principle, their practicality. look at the draft constitution, and there's language in there about equality which is reassuring, but there's other language in there about the principles of sharia, may not be as encouraging. if they maintain political pluralism, something that, again, ultimately they want to succeed, they need to, something that fits their practicality, fits our principles, awghts to guide us, and, lastly, they have to fulfill their international obligations. first and foremost, living up to the peace treaty with israel. again, it's the principles, but their practicality. who is going to invest in egypt if they look like they are trying to invite a confrontation or a conflict with israel.
1:18am
the answer's nobody. the extent to which they are governed and by the need to address their economic and needs and imperatives suggest to me that there is an approach that we can have and that the administration will have, and i note that, you know, in the first assault, the president called and said if you don't protect our people, you get nothing from us, all the inhibitions there in the first 24 hours not wanting to look like the mubarak regime, not looking like they were not standing up with others on the street given this front to islam embodied in the video, that all disappeared, and they provided protection. it means that if we are governed by principles and practicalities -- so much for turning off cell phones -- one thing i know for sure is it's not from me -- you know, then i think that we have a chance, i
1:19am
think, to try to shape what can happen in egypt with full humility. look, this is a story written by them, not by us, but the extent to which, in fact, they need help from the outside, we should be prepared to provide it. we don't want a failed state in egypt, but we need ground rules for it, something that's also prom innocent for the administration, and i think the administration will echo. all right. i have two more minutes? okay. two more minutes. the peace issue. you know, one of the realities of the arab awakening is it had a chilling effect on both sides. looking a the growth of political islam, rise of the muslim brotherhood, the impact that it may have, not only with regard to hamas, but the area around him, and if he thinks about making compromise what he says is the high likelihood this is going to produce a backlash.
1:20am
he gives an interview with channel 2 in israel where he speaks that he's personally not going back, and you see him burping effigy and demonstrations against him, and he can assume what the consequences are, if, in fact, he takes these steps. it's a chilling effect on him. also, given what you see with the arab awakening, it's made him, perhaps, not for surprising reasons, act more as a populist. on the flip side, with israel, same thing. you're going to do a deal, is it durable? what are they facing after it? it's a time rather than thinking about taking big leaps forward, there's a tendency to think about what are the risks, and not what are the opportunities? i would say it's understandable that both sides have that view, but i would say something else. you know, the status quo is not static.
1:21am
the demographic clock keeps ticking. the currents among palestinians is one person, one vote. one of the big challenges for the administration is going to be how do you prereceiver the possibility of a two-state outcome which remaches in america's interests and remains, frankly, in israeli interest, and palestinian interests. palestinians will never achieve their aspirations if they go in terms of one state, a one-state outcome because that's not going to happen, but israel, also, has an interest in a two-state outcome, but ultimately, they don't have an interest in having the demographic clock dictate what israel's future's going to be. i think the key challenge for the administration is how do you preserve a two-state approach, and i think the real issue, at this point is, how do you contend with the greatest single problem, which in my mind, is disbelief on each side? the israeli public believes today the palestinians today are not interested in a two-state
1:22am
outcome, and if they talk about two states, it's a phasedded approach or a palestinian state and binational state. palestine says they are not interested in two states, never vending control, and why do they build in our state? neither one has a belief that the other is really committed to two states, and i think the challenge at this point is how do you change that dynamic? i have two more minutes. i have a 14-point proposal. [laughter] i do have a 14-step proposal, i could do it in three minutes? there's rumors i never took dpie dance, but that's not just true. i took it, at times. anyway, the point is that if you look at the peace issue, that is a human agenda for the administration in the middle east, and i have not made a reference to the transition if
1:23am
we talk about the greater middle east, i have not made a reference to the transition in afghanistan, which, by definition, this is a critical year for the administration on that, and obviously, it's a signature issue for the president. that has to be part of what is done, and then thrrsz the suprise, and what you do beginning of any term, first term or transition to the second term, think about what can you do to shape the landscape so you're in a better position to deal with surprises when they come. i'll stop there. >> thank you. [applause] >> jim. >> thank you, rob. it's no follow-up following
1:24am
dennis, but a couple points. first of all, i agree very much with him about this administration's follow on second term will probably be similar to the first, perhaps not quite as prudent, but i think, that is probably the good thing. the second bush party three administration was widely different, probably fortunately, than the first administration. anything's possible out there, and so let's begin. i'll talk about the same issues that dennis raised, and then go forward, a bit, on some other issues that we're going to be looking at. first of all, job one in our diplomacy for the middle east has to be continuing to rebuild our economic and financial strength here at home. this is vitally important. we see this not only in the ability to maintain our military
1:25am
strength upon which so much rests, but also we see this as important as the iran sanctions. thanks to the financial strength of our system that we can put banks around the world under pressure. it's the relations we have, diplomatic and energy with countries from iraq to saudi arabia we can count on additional production to balance the loss of iranian oil, and it's because of our own growth in hydrocarbons production at home we can absorb this and move forward so nonetheless, there is a famous quote that may be misattributed to leon which says that you may not be interested in law, but law is interested in you. well, we may not be interested as we focus on the economy in
1:26am
the middle east, but, believe me, the middle east, including its laws, are interested in us. as dennis said, not just afghanistan, but the transition out of iraq has led to perception in the field that united states is withdrawing from the region. it's not true. at the same time, we're building up just on the military side for israel. missile defense systems in turkey, strong development of coalition military defense capabilities in the gulf and continued operations against al-qaeda, but nonetheless, that is one of the first things that the obama administration's going to have to do is deal with this perception that on the military side we are pulling out. we're not, but the perception is out there. as den dennis said, iran is critical. he went through the reasons why.
1:27am
iran is focused on our attention, our -- why we have so much attention op it. i would just like to add that in looking at the breath as well as the depth of the problem with iran, its impact on notary public proliferation, regional stability, ail markets, the world economy, which is dependent upon the price of oil, our relations with israel, the role of the security council, and our role in the security council in the u.n. system. everything important is at stake with this. it's the most critical and most dangerous situation that the administration is facing in the next year. looking at it, though, and while the year is critical, we have to realize that this is not all about some misunderstanding or a fixable problem with ish -- iran not getting it about the civil program or the nuclear weapons program colliding with the international community. these are all manifest cations of the long --
1:28am
manifestations of the long term confrontation that we, and the rest of the west and most of the region had with iran, at least since the 1970s, and this confrontation will go on regardless of whether we get a nuclear deal or we have a strike to prevent iran from moving to that nuclear weapons capability. we're going to have to deal with this problem over the long term just as we have over the last 30 years because it employees from iran's view of its role in the region and the insippet -- inconsistency of that view and other areas in the region, our values, our role, in the region and as a leading power throughout the world. a couple of issues related to this that we need to look at. first of all, the obama administration has done, i think, a very good job, first of all, reaching out a hand to iran. that didn't work. a very tough set of policies
1:29am
ranging from the sanctions to the military deployments in the region that are basically beefed up our capability to withstand iranian action and to threaten iran's nuclear capabilities if it comes to that. in addition, the president, in taking the prevention position and making it clear this includes military force, and while avoided red line, closer to that in the debates, talking about breakthrough capacity, breakout capacity, he's basically laid down a very, very important market. this is a very serious thing because if iran were ever to move to that point, and we were not to react, we would lose app awful lot of not just face in the region, but we would lose an awful lot of support iwould predict. we have to be ready to carry that out. i sympathize with the president on the issues red lines;
1:30am
although, that's debated either way, one way or the other. no administration likes to be tied down, but there's a potential red line or fact to deal with in any prevention scenario where we don't say exactly when we would strike. if iran gets a nuclear weapon, what do we do then? one argument would be if we get evidence they have a nuclear device or nuclear capability or they have enough ewe rain yum to very quickly develop one of these things, and that can be done very quickly in that case, a strong argument can be made we make a clear that we will strike under those circumstances. ..
1:31am
>> on in that area and acted adventure. we have to win decisively it is absolutely critical. mrs. from 1988 and has saying good reaction for a
1:32am
decade to come. that will require continued american attention and deployment. with the 2012 defense guidance policy paper the focus is on asia. i would urge maintaining the air and missile defense systems to defeat iran should be the number one military priority in the year coming up. given the complexities we know how extraordinarily difficult this big energy
1:33am
policy, intelligence policy at operations, a military weighing and the diplomacy with the nuclear count. this these to be closely coordinated at the subcabinet level. we hope sid ministration looks at how that can be done. from the astute at "the new yorker" writing about u.s. government organized itself in syria on ned daily basis. there are several models out there but it is important
1:34am
iran is not seen as 15 problems. it is number one and will stay number one. but there are a beauty of other problems that compete with each other. syria. i concur with everything they said. for the longest time they thought it was inevitable. i am not so sure. not because i don't they these searches the is effective this is very powerful and effective. iran has committed powerful friends and appear to be
1:35am
ready that it will maintain control over syria up. russia and iran. the iranian victory would to will not be good because of the nuclear weapons a no man's land like fata or syria were militants associated with al qaeda find a new home. this is another reason why the minister should a stewing gauge through military means if necessary to provide weapons like the no-fly zone. this will slip of control and and at the best bet the
1:36am
worst see this gs in the fisher across the middle these followed by violence and fighting elsewhere. iraq has not received to much commentary in the debates are even the discussions of post-election foreign policy priority. but it needs to be. iraq is a success because of the united states and the people. it is right in the middle of the middle east and also to the kurds and energy. it has flaws but that is a good and may need to do our best to try to encourage.
1:37am
this needs to continue. the biggest is that syria pulls iraq asunder. with the kurds in one direction and the suni is in the other. so far that has not happened. of longer this situation is allowed to continue the more likely will occur. we lost troops to and and maintain union -- unity of iraq. it needs to be supported. the other major threat to the debate and struggle and dispute with the central government under prime minister balky -- malachi.
1:38am
but to play a huge role is oil. is the glue to hold iraq together with kurdistan contributing to the massive increase of the exports we see by the end of the decade. it is predicted to come out of iraq if all goes well. administrations has been engaged to work the deal in place to get them exported pipelines from the central government. iranians are a potential player as well.
1:39am
mrs. an area the administration needs to continue its focus. this remains a very dangerous threat. what we sought an iraq al qaeda portrays itself with this sunni muslim against the shia muslim. back in 2006 he was under criticism under the fata to do that rather than the shia muslim. basically al qaeda was leaving us alone because we were heavily armed but their target of preference was the shia. macy this again within she have very, very bad development shares the
1:40am
region apart. we went twice with the balkans in kosovo and bosnia to prevent such a split along religious lines the middle east is far more important and dangerous so we need to watch misheard. for herb diplomatidiplomati c reasons we see this we have not done a good job to explain the implications. why do we put the people on trial? is a complex issue and the criticism of the drums we don't want to have a lack of clarity lead to a situation that we are afraid to go after these people we don't
1:41am
think we have enough support from and american people. in those areas to there's not enough government control two yen with other places, al qaeda groups pop-up they are a threat to us in the to be kept under the highest pressure. i will stop there. they get very much. [applause] >> imagine a courageous national-security staff member riding a memo to the president outlined the policies for the second term. or maybe not the job was already lined up outside government. he may offer the following
1:42am
remarks. first, for less than theirs you take. one. as much as we would like to wish it away moving to a share with the real bandwidth based on our preference. we cannot avoid dealing with threats door challenges emanating from the region. middle east politics, mr. president revolves around two main threats. a hegemonic iran and the spread of radical sunni extremists of. this defines middle east politics early 20th century. the year remand house indian conflict or import -- are important but have little
1:43am
impact of the larger scheme of things. number three. in this part of the world there are very few happily ever rafters the stars with open admiration rarely ends that way. look at the bloodless revolution -- revolution the amazing courage of people of the protesters and to rear square. look with their today. over the last 19 years we learned to these 19 years ago but everybody else like you learned for the first time. as the overall less than whether the cairo speech he delivered in 2009 or your repeated declaration of prevention of iran nuclear
1:44am
capabilities to not mistake the former for the latter. today as a historian it is the anniversary of my her favorite ever presidential statement on the middle east 70 years ago today president franklin delano roosevelt issued the following statement to the people of the middle east imagine a president saying this. praise unto you the compassion and merciful. me the blessing of god be upon you. the great day for you because we the american and holy warriors have arrived. we have come here to fight the great jihad of freedom. we have come to set you free. today is the 70th anniversary of the landing on north africa so just imagine the president
1:45am
praising the american in jihad of freedom. [laughter] if those are three broad lessons witter the three most urgent find your agenda? because dealing with the rand generally, brain down a side quickly but prevent change the collapse of one or more at additional regime especially monarchies. morocco has figured out how did its survival as big brother looking out to those that would undermine interest but for the life of
1:46am
me i have not heard a good explanation as how the saudis provide no assistance to jordan. with a corollary i cannot understand why they do that to egypt. magic in jordan and egypt. the world's most researchers rich and of part of the world today undergo draconian restrictions on uses of energy. the lights are out in cairo every night it 10:00 and jordan has gasoline rationing. who are the three leaders that deserve for special attention, mr. president? first demar prime minister of israel. the gets another term he will be with you throw your presidency.
1:47am
-- throughout your presidency there's no percentage i'd like the first to you had with him. you are confident and complementary do not have to love each other but when you have a big agenda that requires you to work together and is very important for mr. that don yahoo! to work with you. you are the great power. israel is a small power. you have a role to play to build a new relationship with him as well. second, i will echo the second leader the prime minister of iraq mr. maliki. the third rail know we was to talk about it in public
1:48am
because that is such bad memories from the last decade geography is destiny this critical to the future of the middle east we have an important role to play we need to find a way to work together. third. the third leader is that a particular person but the next generation of the saudi leaders. as my colleague noted earlier, at the beginning of the job to the next generation with the appointment of the interior minister. the remaining sons of the founder macy's said the mias in quick succession during
1:49am
your next term as president. now was the time to build a deeper understanding on strategy and reform with the leaders to take their place. water three calamities we can prevent? looking at the demise of the kingdom of jordon but second to is the collapse of the palestinian authority. is of course, of bit of a luxury to think of the palestinian complex it be a vital interest to prevent a vain backwards the backward move would be the collapse of the palestinian authority.
1:50am
to move on to the less -- less well known from economic for it -- economic relationships and security relationships. at least to continue to provide renewed diplomacy in the future. the third calamity the show not overlook the possibility that buffer zone that made peace possible becomes a source of renewed conflict in the years ahead. working with the governor of egypt both militarily with investment to make sure sinai this not become somalia that exports
1:51am
instability. one of the big initiatives we can take? i will repeat one that dennis referred to. look at the mechanics is a holdover from the mubarak area. we have not through a strategy of tools or a method of implementation. with aid come a military relationship the whole range of items. initiative related to egypt israel relations there will that be a free trade agreement within the foreseeable future.
1:52am
egypt can reap benefits their massive expansion israel would do the deal in a heartbeat of that would require the islamic president of egypt to recognize a much broader than to relationship and utter the word publicly something that he has done better in his capacity. and to compare the turkish israel ties. it is overdue and in our interest. i you tried to do this once and did not succeed. syria and it is weaker today and should not on that station body of who get
1:53am
elected he will be stronger than he was the last time. after politics is clarified it is time to try this again. one last set of items. where the game changers? that every administration has to do with with the lack of creativity here is a handful of game changers that may occur on your watch that we need to be prepared. the next wave of of mass and by the protest. already the possibility of jordan and bahrain to not rule out saudi arabia after the events of 2011, and who
1:54am
can say with 100 percent certainty that the recent signs of a unrest writing, protest may not catch fire even in saudi arabia? caris umbro of course, this happen to president bush from 9/11 almost again to president obama with the attacks of bank ozzy. we should not rule out the entire range what that debt is to america is set of parity is to build up a series of embassies, an airplane, with the attack on the saudi ambassador. even on our soil there is a range of possibilities.
1:55am
third, the sinai clashed on steroids. miso this 2011 how the attempt by terrorists or the avert to kill israelis triggered the reaction that ended up with the peace treaty to be this faraway from total collapse. this is the sickness of the door of the embassy in cairo outside the protesters were banging down the door. that is of the military controlled egypt. another clash triggered by terrorists eminently possible to prevent a spiral.
1:56am
we have warned about this from wmd uses syria massive numbers of american soldiers with the troops from other nations. this would be a dramatic change on the ground and would transform your hopes for keeping american boots off the ground in the middle east throughout your second term. a moment of opportunity do not rule out the possibility with another trigger even to their i's and other surgeons a call for a change of the streets of tirana. and last time we took the vantage hopefully moving into another direction.
1:57am
and for the surprise iranian breakout. this needs to be prevented at all costs. i have avoided in the memo using the word legacy not once but remember this. if you try to resolve the issues to fix the palestinian complex people may never remember after all you be the sixth president in a row to try and fail the conflict but if iran this achieve nuclear weapon capability you the first president to be on his watch when iran got the bomb. these are my suggestions.
1:58am
take a vacation. [laughter] [applause] i will open the floor for regressions please identify a to whom you make the questions and i will ask my colleagues to respond. >> [inaudible]
1:59am
>> i have no idea if that is true. the administrations has highly skilled people that know the issue if there will be a negotiation is some play dire quite confident it will be through those people. i do think there will be a negotiation and a diplomatic initiative designed to test the proposition the iranians want to only what they say they want to. i can envision a proposal to have some power but with restrictions to divert that into a nuclear weapons capability. i am quite convinced the president seriously will like to achieve this through diplomatic means th